<?php
include('../_libs/mysql.php');
include('../_libs/Classes/web/main.class.php');
include('../_libs/Classes/game/character.class.php');
if(!isset($_SESSION['access_level'])) {
	$_SESSION['access_level'] = 0;
}
if($_SESSION['access_level'] >= 1) {
$language = parse_ini_file('../'.$lang . '/search.module.php');
$char = new character;
$main = new main;
if (empty($_GET['action'])) {
	$main->logAction($_SESSION['id'], 'search_user_log', 1);

    $search = $_GET['suche'];
    /* INSERT LAST SEARCH FOR USER */
    $sql = 'INSERT INTO ' . DB_CMS . '.log_lastsearch (text, timestamp, userID) VALUES (:search, CURRENT_TIMESTAMP, :userid)';
    $dbh = $connection->prepare($sql);
    $dbh->bindValue(':search', $search);
    $dbh->bindValue(':userid', $_SESSION['id']);
    $dbh->execute();

    /* SEARCH ALL DATAS */
    $sql = 'SELECT a.id, a.name AS accname, a.email AS email, a.last_ip as last_ip,  a.activated, p.name, p.account_name FROM ' . DB_LOGIN . '.account_data AS a LEFT JOIN ' . DB_GAME . '.players AS p ON a.name = p.account_name WHERE (a.name LIKE :search OR a.email LIKE :search OR a.last_ip LIKE :search OR a.id LIKE :search) OR p.name LIKE :search GROUP BY a.id';
    $dbh = $connection->prepare($sql);
    $dbh->bindValue(':search', "%{$search}%", PDO::PARAM_STR);
    $dbh->execute();

    foreach ($dbh->fetchAll(PDO::FETCH_ASSOC) as $ds) {
        $id = $ds['id'];
        if (empty($ds['last_ip'])) {
            $ds['last_ip'] = $language['noip'];
        }
        if (empty($ds['email'])) {
            $ds['email'] = $language['nomail'];
        }
        if ($ds['activated'] == 0) {
            $activ = '<span style="color:red;">'.$language['accountbanned'].'</span>';
        } else {
            $activ = '<span style="color:green;">'.$language['accountnbanned'].'</span>';
        }
        ?>
        <fieldset style="width:98%; margin:0 auto;">
            <legend><a href="index.php?mod=profile&userID=<?php echo $ds['id'] ?>">&raquo;<b><?php echo $ds['accname']; ?> (<?php echo $ds['email'] ?> & <?php echo $ds['last_ip']; ?>) - <?php echo $activ; ?></a></legend>
            <table width="100%" border="0" cellspacing="1" cellpadding="3">
                <tr >
                    <td width="30%" class="header" align="left"><?php echo $language['charname']; ?></td>
                    <td width="30%" class="header" align="center"><?php echo $language['fraction']; ?></td>
                    <td width="30%" class="header" align="center"><?php echo $language['class']; ?></td>
                    <td width="10%" class="header" align="center"><?php echo $language['action']; ?></td>
                </tr>
                <?php
                $sql = 'SELECT * FROM ' . DB_GAME . '.players WHERE account_ID = :id';
                $dbh = $connection->prepare($sql);
                $dbh->bindValue(':id', $ds['id']);
                $dbh->execute();
                $any_entries = $dbh->rowCount();

                if ($any_entries) {

                    $i = 1;
                    while ($row = $dbh->fetch(PDO::FETCH_ASSOC)) {
                        ?>
                        <tr >
                            <td class="body" width="30%" align="left"><?php echo $row['name']; ?>(<?php echo $char->getLevel($row['exp']); ?>)</td>
                            <td class="body" width="30%" align="center"><?php echo $char->getRace($row['race']) ?></td>
                            <td class="body" width="30%" align="center"><?php echo $char->getClass($row['player_class']); ?></td>
                            <td class="body" width="10%" align="right"><a href="index.php?mod=character&charID=<?php echo $row['id'] ?>">Details</a></td>
                        </tr>
                        <?php
                    }
                }
                ?>
            </table>
        </fieldset>
        <?php
    }
} else {
    ?>
    <?php
    $sql = 'SELECT * FROM ' . DB_CMS . '.log_lastsearch WHERE userID = :userID ORDER BY id DESC LIMIT 10';
    $dbh = $connection->prepare($sql);
    $dbh->bindValue(':userID', $_SESSION['id']);
    $dbh->execute();
    $i = 1;
    while ($ds_search = $dbh->fetch(PDO::FETCH_ASSOC)) {
        $date = date_create($ds_search['timestamp']);
        $timestamp = date_format($date, "d.m.Y H:i");
        $i = ($i == 1) ? 2 : 1;
        ?>
        <tr>
            <td width="70%"><input type="text" style="border:0px; width:180px; cursor:pointer; box-shadow:none;" class="td<?php echo $i; ?>" value="<?php echo $ds_search['text']; ?>" width="250px" onclick="$('#suche').val( $(this).val() )" readonly></td>
            <td width="30%" align="right" style="font-size:12px;"><?php echo $timestamp ?></td>
        </tr>
        <?php
    }
    ?>
    <?php
}
}
?>